Account hijacking attempt at netsol by kbiltagy@gmail.com

[katherine]

So yesterday I received a password reset request from netsol.
Today I got this:

Dear #############

Thank you for contacting Network Solutions. Your fax has been received by the Fax Processing Department. We are committed to creating the best Customer experience possible.

We apologize, but we are unable to process your request due to the reason(s) listed below.

Invalid Utility Bill

Since the address on your identification does not match the information we have on file, please supply a utility bill that includes your name and address, as shown on your identification. The name and address on the utility bill that you submitted do not match the ones in your driver's license.

In order to resolve your issue and process your fax, please resubmit your request in its entirety, with the additional information, as outlined above, to 571-434-4623.

...

This was sent to the address on record AND kbiltagy@gmail.com
Found here: http://www.islamicfinder.org/phone/g...id=96194&lang=

Now the scammers are using forged documents to steal domains.
I advise that you report all fraudulent activity to netsol, even something as benign as a password reminder.

Beware !

[draggar]

Holy $h!t!

I think this should go for any suspicious activity with any registrar.

[south]

And if they had sent a better forgery of your utility bill, they might have gotten away with it. DTVS at GoDaddy sounds better all the time.

[Banned: theinvestor]

Is it possible this could be a mistake? Possibly a previous owner who thought he still owned the domain when it actually dropped.

Have you picked this up from a drop?

[draggar]

And if they had sent a better forgery of your utility bill, they might have gotten away with it. DTVS at GoDaddy sounds better all the time.

Do you have it? What additional security does it involve?

[south]

Do you have it? What additional security does it involve?

Yes. You need an executive account rep.

They you on a phone number you provide to get a code you provide before any transfer (or outgoing push) to get your authorization. So, a person would have to know your code, and have physical possession of your phone to get a name out of your account, even if they managed to get into your account somehow. And in addition, I'm sure most reps know the sound of their customers voices.

[katherine]

Is it possible this could be a mistake? Possibly a previous owner who thought he still owned the domain when it actually dropped.

Have you picked this up from a drop?

I pretty much doubt it. It has the patterns of an account hijacking.
I don't know if a particular domain is being targeted. The names we have at netsol were acquired at NJ, of course we transfer them away later...

First there was the password reset attempt, but now we are talking about a forged fax (identity theft). Netsol replied to my message and said they are going to call within 24 hours. I'm hoping to find out more.

[Banned: theinvestor]

Katherine,

They said this to you "The name and address on the utility bill that you submitted do not match the ones in your driver's license."

I know people always want to feel like they were targetted but have you looked into the possibility that they were previous owners who don't realize they dropped the name?

This occurs often believe it or not where companies lose a name and then try to recover it by not knowing what actually happened.

The fact they told you the NAME and ADDRESS do not match it means it is not identity theft. Since the name doesn't match either.... nothing is forged..you made that assumption yourself.

[katherine]

I believe it is an attempt to take over the primary user ID using the ad hoc fax forms... I don't know what else

[draggar]

Yes. You need an executive account rep.

They you on a phone number you provide to get a code you provide before any transfer (or outgoing push) to get your authorization. So, a person would have to know your code, and have physical possession of your phone to get a name out of your account, even if they managed to get into your account somehow. And in addition, I'm sure most reps know the sound of their customers voices.

They send a text message to your phone with the code?

[south]

They send a text message to your phone with the code?

No you give them the code you want to use when you set it up.

Then they call you to ask you for it (voice) prior to releasing any domain from your account.

[whitebark]

Want to secure your valuable domains? Go with Fabulous.com. No need to beg for an account rep, and they offer much better security at no cost.

---------- Post added at 02:31 PM ---------- Previous post was at 02:30 PM ----------

You also don't have to deal with GoDaddy's notorious idiotic customer service.

[katherine]

So netsol called in, they said a customer messed up but it was a genuine mistake and all is fine... this time
I was quick to pull the trigger but all those stolen domains threads don't make me less paranoid.

[tomsa]

Thanks kate, this is pretty scary !
Fortunately Netsol learned its lessons since the sex.com case.

[katherine]

Since we cannot edit posts in the legal section perhaps it would be nice if a mod could wipe out the E-mail address, so as to protect the guily